Despite all the complexity you might put into your password, it won’t always be enough to effectively protect your account and your personal data.
That’s why many sites have introduced dual authentication, also known as strong authentication, two-factor authentication or two-factor authentication.
Does this solution really make sense for you?
Let’s find out.
What is dual authentication?
Double authentication is a process which, in principle, increases the security of an Internet account.
When you try to connect to your account from an unknown device, in addition to your usual password, the site asks you for a temporary security code.
Most often, this code is sent by SMS, but other methods exist, such as sending an e-mail or using a software application like Google Authenticator or OAuth.
In the event of a connection attempt without a security code from an unknown device, you will receive a notification to alert you.
You can then confirm that it was you who tried to log in, or follow a process to re-secure your account.
What’s the advantage of two-factor identification?
While we can’t claim thatstrong authentication prevents 100% of intrusions, it does provide additional security in the event that your password is discovered (for example, in the case of a phishing operation in which you’ve been caught out).
On the other hand, it’s not just a second layer of protection, it’s really an additional key at a higher level.
With conventional authentication, your information (username and password) depends entirely on the virtual world.
These two pieces of information can therefore be recovered simultaneously in the event of a hacker attack.
With dual authentication, on the other hand, additional security depends on a physical object – your cell phone – which you need to have in your possession.
In this respect, this method offers much more than just an additional layer of security: it provides a higher level of protection, which is far more difficult for a hacker to penetrate.
I have a firewall. Is dual authentication necessary?
A firewall acts as a bulwark against hackers entering your system, protecting your computer or computer network from the rest of the Internet.
This system is highly effective in preventing intrusions, but it doesn’t make double authentication unnecessary.
In fact, to obtain personal data such as your login and password for a site, it is not necessary to penetrate your system.
Phishing operations can easily get past your firewall, prompting you to hand over your information to hackers without you even realizing it.
But with two-factor authentication, your login and password will be of no use to hackers if they don’t have the temporary code, makingtwo-factor authentication an effective security method, even with an effective firewall.
I use a VPN. Should I opt for strong authentication?
A VPN secures your Internet browsing by encrypting your data.
Using this encryption “tunnel” makes you invisible and prevents hackers from spying on you.
By using a VPN, your IP address is replaced by that of the VPN server, making it impossible for anyone to trace your activity back to your computer.
This method is particularly effective in protecting you from intrusions, but, like the firewall, it doesn’t protect you from phishing.
For this reason, using a VPN does not deprive double authentication of its relevance.
Cloud deployment and the need for strong authentication
Online software such asOffice 365 and the growing use of the Cloud to store and exchange files offer a pleasant level of convenience.
Nevertheless, all this information stored on the Net is accessible via a login and password, which means that, like any online account, it can be hacked, even with secure installations.
To increase the security of your data, it is therefore essential to activate dual authentication for your Office 365 account account and your various online software applications such as billing, accounting or management software.
When it comes to Internet connections, it’s best to keep in mind that two protections are better than one, and stop believing that it only happens to others.
Installing several levels of protection on your computer or network is the best way to combat espionage and piracy.
Strong authentication should be seen as the last level of security you need to pass before you can access your account.
A difficult level to pass, since it requires you to have your phone in hand.
It is therefore a reliable security method, and will undoubtedly be your best ally against phishing attempts.
If Google and Microsoft are saying the same thing, maybe it’s time to act?
In a statement at the end of August 2019, Microsoft announces that multi-factor authentication is the answer to 99.9% of hacks.
And Google says exactly the same thing “Our research shows that simply adding a recovery phone number to your Google account can block up to 100% of automated bots.”
When Google and Microsoft recommend MFA, it’s probably a good time to start following their advice and implement this technology at home.
